[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SECURITY PATCH 030/117] kern/partition: Check for NULL before dereferen
From: |
Daniel Kiper |
Subject: |
[SECURITY PATCH 030/117] kern/partition: Check for NULL before dereferencing input string |
Date: |
Tue, 2 Mar 2021 19:00:37 +0100 |
From: Darren Kenny <darren.kenny@oracle.com>
There is the possibility that the value of str comes from an external
source and continuing to use it before ever checking its validity is
wrong. So, needs fixing.
Additionally, drop unneeded part initialization.
Fixes: CID 292444
Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
grub-core/kern/partition.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/grub-core/kern/partition.c b/grub-core/kern/partition.c
index 2c401b866..3068c4dca 100644
--- a/grub-core/kern/partition.c
+++ b/grub-core/kern/partition.c
@@ -109,11 +109,14 @@ grub_partition_map_probe (const grub_partition_map_t
partmap,
grub_partition_t
grub_partition_probe (struct grub_disk *disk, const char *str)
{
- grub_partition_t part = 0;
+ grub_partition_t part;
grub_partition_t curpart = 0;
grub_partition_t tail;
const char *ptr;
+ if (str == NULL)
+ return 0;
+
part = tail = disk->partition;
for (ptr = str; *ptr;)
--
2.11.0
- [SECURITY PATCH 019/117] net/tftp: Fix dangling memory pointer, (continued)
- [SECURITY PATCH 019/117] net/tftp: Fix dangling memory pointer, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 018/117] net/net: Fix possible dereference to of a NULL pointer, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 024/117] gnulib/regcomp: Fix uninitialized token structure, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 020/117] kern/parser: Fix resource leak if argc == 0, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 022/117] kern/efi/mm: Fix possible NULL pointer dereference, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 025/117] gnulib/argp-help: Fix dereference of a possibly NULL state, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 016/117] usb: Avoid possible out-of-bound accesses caused by malicious devices, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 017/117] mmap: Fix memory leak when iterating over mapped memory, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 023/117] gnulib/regexec: Resolve unused variable, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 026/117] gnulib/regexec: Fix possible null-dereference, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 030/117] kern/partition: Check for NULL before dereferencing input string,
Daniel Kiper <=
- [SECURITY PATCH 029/117] zstd: Initialize seq_t structure fully, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 033/117] disk/ldm: Fix memory leak on uninserted lv references, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 027/117] gnulib/regcomp: Fix uninitialized re_token, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 031/117] disk/ldm: Make sure comp data is freed before exiting from make_vg(), Daniel Kiper, 2021/03/02
- [SECURITY PATCH 034/117] disk/cryptodisk: Fix potential integer overflow, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 035/117] hfsplus: Check that the volume name length is valid, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 036/117] zfs: Fix possible negative shift operation, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 028/117] io/lzopio: Resolve unnecessary self-assignment errors, Daniel Kiper, 2021/03/02